Systems and methods for authorization and data transmission for multicast broadcast services

ABSTRACT

A method for a base station to provide multicast broadcast services (MBSs). The method includes: obtaining an MBS authorization key (MAK); generating a number as an MBS group traffic encryption key (MGTEK); using a service credit number (SCN) to count an amount of service time or MBS content data; generating an MBS traffic key (MTK) based on at least the MAK and the MGTEK; encrypting MBS content data with the MTK; and transmitting the encrypted MBS content data to provide the MBSs.

RELATED APPLICATIONS

This application is based upon and claims the benefit of priority fromU.S. Provisional Patent Application Nos. 61/081,011, filed Jul. 15,2008, the entire contents of which are incorporated herein by reference.

FIELD OF THE DISCLOSURE

This disclosure relates to systems and methods for authorization anddata transmission for multicast broadcast services (MBSs).

BACKGROUND

Multicast and/or broadcast services (MBSs), also known as multimediabroadcast multicast services (MBMSs), provide content data to aplurality of users who desire to receive such service in a communicationnetwork. For example, the content data may be movies, games, files,software programs, or TV programs, and is usually provided by one ormore content providers.

FIG. 1 illustrates a block diagram of a conventional communicationsystem 100 for providing MBSs. The communication system 100 includes oneor more MBS content servers such as MBS content servers 102-1, 102-2,and 102-3, and one or more base stations (BSs) such as base stations104-1 and 104-2. For example, the MBS content server 102-1 and the basestations 104-1 and 104-2 may be in a network 106, and the MBS contentservers 102-2 and 102-3 may be outside the network 106. In addition, thecommunication system 100 further includes at least one subscriberstation (SS) 108 to receive MBSs from the base stations 104-1 and/or104-2.

Conventionally, the communication system 100 provides MBSs based on acommunication standard, such as a digital video broadcasting (DVB)standard or an IEEE 802.16 standard. For example, based on the DVBstandard, the base station 104-1 or 104-2 receives MBS content data fromone or more of the MBS content servers 102-1,102-2, and 102-3. The basestation 104-1 or 104-2 then transmits the received MBS content data tothe subscriber station 108. Typically, to prevent unauthorized usersfrom receiving the MBSs, the MBS content data is encrypted in anapplication layer or based on an Internet Protocol Security (IPSEC)mechanism in a Transmission Control Protocol/Internet Protocol (TCP/IP)layer. However, data transmission between the base station 104-1 or104-2 and the subscriber station 108 may not be encrypted.

Also for example, based on the IEEE 802.16 standard, the base station104-1 or 104-2 receives MBS content data from one or more of the MBScontent servers 102-1, 102-2, and 102-3. The base station 104-1 or 104-2may, in order to prevent unauthorized users from receiving the MBSs,encrypt the received MBS content data with an MBS traffic key (MTK), andtransmit the encrypted MBS content data to the subscriber station 108.If an MBS does not need encryption protection, the base station 104-1 or104-2 may not encrypt MBS content data for that MBS.

FIG. 2 illustrates a conventional method 200 to generate an MTK 202based on the IEEE 802.16 standard. For example, a base station, such asthe base station 104-1 or 104-2 (FIG. 1), may obtain a master key, suchas an MBS authorization key (MAK) 204, from an MBS content server, suchas the MBS content server 102-1, 102-2, or 102-3 (FIG. 1), or a thirdparty server, such as an Authentication Authorization Accounting (AAA)server, while performing authorization with the MBS content server. Thebase station also generates a random number as an MBS group trafficencryption key (MGTEK) 206. The base station further uses a function,e.g., the Dot16KDF function, to generate the MTK 202. In addition, thebase station transmits the MGTEK 206 to a subscriber station such as thesubscriber station 108 (FIG. 1) based on, e.g., the Privacy and KeyManagement version 2 (PKMv2) protocol. Similarly, the subscriber stationmay obtain the MAK 204 from the MBS content server during authorization,and use the MAK 204 and the MGTEK 206 received from the base station togenerate the MTK 202. Accordingly, the base station may use the MTK 202to encrypt MBS content data, and the subscriber station may use the MTK202 to decrypt encrypted MBS content data received from the basestation, thereby to receive the MBSs. However, security problems mayoccur based on the conventional method 200. For example, when theconventional method 200 is used, a tricky user may have unauthorizedaccess to encrypted MBS content data, as described below. A tricky useris a user terminal that uses key information that is obtained when thetricky user is an authorized user to decrypt encrypted MBS content datathat is received when the tricky user is an unauthorized user.

FIG. 3 illustrates a conventional MBS data transmission process 300, inwhich security problems may occur. Referring to FIG. 3, an MBS contentserver 302 transmits MBS content data to a base station 304. The basestation 304 encrypts the MBS content data with an MTK and transmits theencrypted MBS content data to authorized users such as subscriberstations 306-1 and 306-2. However, a tricky user 306-3, which iscurrently an unauthorized user terminal, may also receive the encryptedMBS content data by unauthorized access to the base station 304 (308).The tricky user 306-3 may store the encrypted MBS content data in abuffer. Later, when the tricky user 306-3 joins the MBSs and finishesauthorization with the MBS content server 302 (310), the tricky user306-3 becomes a subscriber and obtains the MTK. The tricky user 306-3may then use the MTK to decrypt the encrypted MBS content data stored inthe buffer that was received before the tricky user 306-3 joined theMBSs.

FIG. 4 illustrates a conventional MBS data transmission process 400, inwhich security problems may occur. Referring to FIG. 4, an MBS contentserver 402 transmits MBS content data to a base station 404. The basestation 404 encrypts the MBS content data with an MTK and transmits theencrypted MBS content data to authorized users. Because subscriberstations 406-1 and 406-2 and a tricky user 406-3 join the MBSs andperform authorization with the MBS content server 402 (408), they havethe MTK to decrypt the encrypted MBS content data received from the basestation 404 (410). Later, the tricky user 406-3 leaves the MBSs (412).However, because the tricky user 406-3 has the MTK, the tricky user406-3 may continue to receive encrypted MBS content data by unauthorizedaccess to the base station 404 and decrypt the encrypted MBS contentdata to receive the MBSs (414).

SUMMARY

According to a first aspect of the present disclosure, there is provideda method for a base station to provide multicast broadcast services(MBSs), comprising: obtaining an MBS authorization key (MAK); generatinga number as an MBS group traffic encryption key (MGTEK); using a servicecredit number (SCN) to count an amount of service time or MBS contentdata; generating an MBS traffic key (MTK) based on at least the MAK andthe MGTEK; encrypting MBS content data with the MTK; and transmittingthe encrypted MBS content data to provide the MBSs.

According to a second aspect of the present disclosure, there isprovided a base station to provide multicast broadcast services (MBSs),comprising: a processor, the processor being configured to: obtain anMBS authorization key (MAK); generate a number as an MBS group trafficencryption key (MGTEK); use a service credit number (SCN) to count anamount of service time or MBS content data; generate an MBS traffic key(MTK) based on at least the MAK and the MGTEK; and encrypt MBS contentdata with the MTK.

According to a third aspect of the present disclosure, there is provideda method for a subscriber station to receive multicast broadcastservices (MBSs) from a base station, comprising: obtaining an MBSauthorization key (MAK); receiving, from the base station, an MBS grouptraffic encryption key (MGTEK) and encrypted MBS content data;generating an MBS traffic key (MTK) based on the MAK and the MGTEK; anddecrypting the encrypted MBS content data with the MTK to receive theMBSs; wherein the MGTEK is a number generated by the base station; andthe MGTEK is updated according to a service credit number (SCN), the SCNbeing used by the base station to count an amount of service time or MBScontent data.

According to a fourth aspect of the present disclosure, there isprovided a subscriber station to receive multicast broadcast services(MBSs) from a base station, comprising: a processor, the processor beingconfigured to: obtain an MBS authorization key (MAK); receive, from thebase station, an MBS group traffic encryption key (MGTEK) and encryptedMBS content data; generate an MBS traffic key (MTK) based on the MAK andthe MGTEK; and decrypt the encrypted MBS content data with the MTK;wherein the MGTEK is a number generated by the base station; and theMGTEK is updated according to a service credit number (SCN), the SCNbeing used by the base station to count an amount of service time or MBScontent data.

It is to be understood that both the foregoing general description andthe following detailed description are exemplary and explanatory onlyand are not restrictive of the invention, as claimed.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute apart of this specification, illustrate embodiments of the invention and,together with the description, serve to explain the principles of theinvention.

FIG. 1 illustrates a block diagram of a conventional communicationsystem for providing multicast broadcast services (MBSs).

FIG. 2 illustrates a conventional method to generate an MBS traffic key(MTK) based on the IEEE 802.16 standard.

FIG. 3 illustrates a conventional MBS data transmission process.

FIG. 4 illustrates a conventional MBS data transmission process.

FIG. 5 illustrates a block diagram of a communication system forproviding MBSs, according to an exemplary embodiment.

FIG. 6 illustrates a method to generate an MTK, according to anexemplary embodiment.

FIG. 7 illustrates a method to generate an MTK, according to anexemplary embodiment.

FIG. 8 illustrates a method to update an MTK, according to an exemplaryembodiment.

FIG. 9 illustrates an MTK updating process, according to an exemplaryembodiment.

FIG. 10 illustrates an MBS authorization key (MAK) updating process,according to an exemplary embodiment.

FIG. 11 illustrates an MBS data transmission process, according to anexemplary embodiment.

FIG. 12 illustrates an MBS data transmission process, according to anexemplary embodiment.

FIG. 13 illustrates an MBS data transmission process, according to anexemplary embodiment.

FIG. 14 illustrates a flow chart of an operation process for a basestation to provide MBSs, according to an exemplary embodiment.

FIG. 15 illustrates a flow chart of an operation process for asubscriber station to receive MBSs, according to an exemplaryembodiment.

FIG. 16 illustrates a flow chart of an operation process for an MBScontent server to provide MBSs, according to an exemplary embodiment.

FIG. 17 illustrates a block diagram of a base station, according to anexemplary embodiment.

FIG. 18 illustrates a block diagram of a subscriber station, accordingto an exemplary embodiment.

DESCRIPTION OF THE EMBODIMENTS

Reference will now be made in detail to exemplary embodiments, examplesof which are illustrated in the accompanying drawings. The followingdescription refers to the accompanying drawings in which the samenumbers in different drawings represent the same or similar elementsunless otherwise represented. The implementations set forth in thefollowing description of exemplary embodiments consistent with thepresent invention do not represent all implementations consistent withthe invention. Instead, they are merely examples of systems and methodsconsistent with aspects related to the invention as recited in theappended claims.

In exemplary embodiments, there are provided systems and methods forauthorization and data transmission for multicast broadcast services(MBSs), also known as multimedia broadcast multicast services (MBMSs).Based on the provided systems and methods, an MBS traffic key (MTK) maybe generated and updated at both a base station (BS) providing the MBSsand a subscriber station (SS) receiving the MBSs. The base station mayuse the MTK to encrypt MBS content data, and the subscriber station mayuse the MTK to decrypt the encrypted MBS data received from the basestation.

FIG. 5 illustrates a block diagram of a communication system 500 forproviding MBSs, according to an exemplary embodiment. The communicationsystem 500 includes one or more MBS content servers such as first,second, and third MBS content servers 502-1, 502-2, and 502-3, and oneor more base stations (BSs) such as first and second base stations 504-1and 504-2. For example, the MBS content server 502-1 and the basestations 504-1 and 504-2 may be in a network 506, and the MBS contentservers 502-2 and 502-3 may be outside the network 506. In addition, thecommunication system 500 may further include at least one subscriberstation (SS) 508 to receive the MBSs from the base stations 504-1 and/or504-2.

In exemplary embodiments, the base station 504-1 or 504-2 receives MBScontent data from one or more of the MBS content servers 502-1, 502-2,and 502-3. The base station 504-1 or 504-2 is configured to generate anMTK based on methods consistent with the present invention, as describedbelow, and use the MTK to encrypt the MBS content data. The subscriberstation 508 is configured to generate the MTK based on methodsconsistent with the present invention, as described below, and use theMTK to decrypt the encrypted MBS content data received from base station504-1 or 504-2.

FIG. 6 illustrates a method 600 to generate an MTK 602, according to anexemplary embodiment. For example, a base station, such as the basestation 504-1 or 504-2 (FIG. 5), may use a function, e.g., the Dot16KDFfunction, to generate the MTK 602 based on an MBS authorization key(MAK) 604, an MBS group traffic encryption key (MGTEK) 606, and aservice credit number (SCN) 608.

In exemplary embodiments, the MAK 604 is a master key to generate otherkeys. For example, the base station may obtain the MAK 604 from an MBScontent server such as the MBS content server 502-1, 502-2, or 502-3(FIG. 5). In such situation, the MBS content server also operates as anauthentication, authorization, accounting (AAA) server.

In exemplary embodiments, the MGTEK 606 is a number, e.g., a randomnumber, generated by the base station, and may be transmitted based on aprotocol, e.g., the Privacy and Key Management version 2 (PKMv2)protocol provided in the IEEE 802.16 standard, to a subscriber stationreceiving the MBSs, such as the subscriber station 508 (FIG. 5).

In exemplary embodiments, the SCN 608 is a parameter used by the basestation to count, e.g., an amount of service time or an amount of MBScontent data. In other words, the SCN 608 is updated as the base stationtransmits MBS content data. The SCN 608 may also be transmitted to thesubscriber station based on a protocol, e.g., the PKMv2 protocol.

In exemplary embodiments, the subscriber station may obtain the MAK 604from the MBS content server. Alternatively, the MAK 604 may be set inthe subscriber station, or a user may input the MAK 604 to thesubscriber station. The subscriber station may further receive the MGTEK606 and the SCN 608 from the base station. As a result, the subscriberstation may also use the function, e.g., the Dot16KDF function, togenerate the MTK 602 based on the MAK 604, the MGTEK 606, and the SCN608.

As noted above, the SCN 608 is used by the base station to count theamount of service time or MBS content data, and is therefore updated asthe base station transmits MBS content data. In exemplary embodiments,when the SCN 608 is updated, the base station uses the updated SCN 608to update the MTK 602. As a result, for example, the base stationupdates the MTK 602 for each ten minutes of service time, or for eachten megabytes (MB) of transmitted MBS content data.

Before the base station uses the updated SCN 608 to update the MTK 602,the base station also transmits the updated SCN 608 to the subscriberstation, and notifies the subscriber of a time to update the MTK 602.When it is the time to update the MTK 602, the base station andsubscriber station both use the updated SCN 608 to update the MTK 602.

FIG. 7 illustrates a method 700 to generate an MTK 702, according to anexemplary embodiment. For example, a base station, such as the basestation 504-1 or 504-2 (FIG. 5), may use a function, e.g., the Dot16KDFfunction, to generate the MTK 702 based on an MBS authorization key(MAK) 704 and an MBS group traffic encryption key (MGTEK) 706, whereinthe MGTEK 706 is triggered to be updated when a service credit number(SCN) 708 is updated.

In exemplary embodiments, the MAK 704 is a master key to generate otherkeys. For example, the base station may receive the MAK 704 from an MBScontent server such as the MBS content server 502-1, 502-2, or 502-3. Insuch situation, the MBS content server also operates as anauthentication, authorization, accounting (AAA) server.

In exemplary embodiments, the MGTEK 706 is a number, e.g., a randomnumber, generated by the base station, and may be transmitted based on aprotocol, e.g., the Privacy and Key Management version 2 (PKMv2)protocol provided in the IEEE 802.16 standard, to a subscriber stationreceiving the MBSs, such as the subscriber station 508 (FIG. 5).

In exemplary embodiments, the SCN 708 is a parameter used by the basestation to count, e.g., an amount of service time or an amount of MBScontent data. In other words, the SCN 708 is updated as the base stationtransmits MBS content data. Different from the method 600 (FIG. 6), theSCN 708 is not transmitted to the subscriber station.

In exemplary embodiments, the subscriber station may obtain the MAK 704from the MBS content server. Alternatively, the MAK 704 may be set inthe subscriber station, or a user may input the MAK 704 to thesubscriber station. The subscriber station may further receive the MGTEK706 from the base station. As a result, the subscriber station may alsouse the function, e.g., the Dot16KDF function, to generate the MTK 702based on the MAK 704 and the MGTEK 706.

As noted above, the SCN 708 may be used by the base station to count theamount of service time or MBS content data, and is therefore updated asthe base station transmits MBS content data. In exemplary embodiments,when the SCN 708 is updated, the base station is triggered to update theMGTEK 706, and use the updated MGTEK 706 to update the MTK 702. As aresult, for example, the base station updates the MTK 702 for each tenminutes of service time, or for each ten megabytes (MB) of transmittedMBS content data.

FIG. 8 illustrates a method 800 to update an MTK, according to anexemplary embodiment. For example, a base station, such as the basestation 504-1 (FIG. 5), and a subscriber station, such as the subscriberstation 508 (FIG. 5), may use the method 800 to update the MTK.

Referring to FIGS. 5 and 8, the base station 504-1 transmits data frames802 for providing MBSs. The data frames 802 include maps 804 to indicatetime and frequency resources allocated for MBS content data. As aresult, based on the maps 804, the subscriber station can determine whenand where to read the MBS content data following each of the maps 804,as indicated by the dashed arrows in FIG. 8. In addition, the MBScontent data is encrypted with the MTK. When an event occurs, forexample, when a new subscriber station (not shown) joins the MBSs, orwhen another subscriber station (not shown) leaves the MBSs or runs outof credit, or when the subscriber station 508 has received the MBSs fora predetermined amount of service time or MBS content data, the basestation 504-1 may determine to update the MTK.

In exemplary embodiments, before the base station 504-1 updates the MTK,the base station transmits a key indicator 806, the key indicator 806indicating time and frequency resources allocated for key material 808,as indicated by the solid arrow in FIG. 8. The key material 808 includeskey information for the subscriber station 508 to update the MTK. Forexample, if the base station 504-1 uses the method 600 (FIG. 6) togenerate the MTK, the key material 808 may include an updated SCN. Alsofor example, if the base station 504-1 uses the method 700 (FIG. 7) togenerate the MTK, the key material 808 may include an updated MGTEK. Thebase station further transmits the key material 808 according to thetime and frequency resources indicated by the key indicator 806.

In exemplary embodiments, the base station 504-1 separately transmitsthe key material 808 and the encrypted MBS content data. Accordingly,when the subscriber station 508 receives the key indicator 806, thesubscriber station 508 may read the key material 808 for updating theMTK. In addition, at least one of the key indicator 806 or the keymaterial 808 may include information regarding a time t0 or an event,e.g., a message or another indicator, for updating the MTK. As a result,the subscriber station 508 should further know when to update the MTK.

In exemplary embodiments, before the time t0, the base station 504-1still uses the present MTK to encrypt MBS content data, and thesubscriber station 508 still uses the present MTK to decrypt theencrypted MBS data received from the base station 504-1. At time t0 orwhen the event occurs, the base station 504-1 and the subscriber station508 both update the present MTK to generate an updated MTK. Accordingly,for example, the base station 504-1 uses the updated MTK to encrypt MBScontent data, and the subscriber station 508 uses the updated MTK todecrypt the encrypted MBS content data received from the base station504-1. Because the base station 504-1 separately transmits the keymaterial 808 and the encrypted MBS content data, a tricky user shouldnot be able to obtain the key material 808 by buffering the encryptedMBS content data. Accordingly, the tricky user should not have theupdated MTK to decrypt the buffered MBS content data.

In exemplary embodiments, a base station may also use an SCN forauthorization and billing purposes, in addition to generating an MTK.For example, referring back to FIG. 5, the base station 504-1 may use anSCN to count an amount of service time for, e.g., a movie. The basestation 504-1 may update the SCN for each ten minutes of transmittedmovie. After updating the SCN for, e.g., ten times, which corresponds toone hundred minutes of transmitted movie, the base station 504-1 mayrequest the subscriber station 508 to perform reauthorization with,e.g., the MBS content server 502-1, to ensure that the subscriberstation 508 has enough credit to continue to receive the MBS. If the MBScontent server 502-1 determines that the subscriber station 508 hasenough credit to continue to receive the MBS, the MBS content server 508updates the MAK, and sends the updated MAK to the subscriber station 508and the base station 504-1. As a result, the subscriber station 508 andthe base station 504-1 further update the MTK based on the updated MAK,and the subscriber station 508 continues to receive the MBS.

Also for example, the base station 504-1 may use an SCN to count anamount of MBS content data for, e.g., a movie. The base station 504-1may update the SCN for each 5 MB of transmitted movie. After updatingthe SCN for, e.g., thirty times, which corresponds to 150 MB oftransmitted movie, the base station 504-1 may request the subscriberstation 508 to perform reauthorization with, e.g., the MBS contentserver 502-1, to ensure that the subscriber station 508 has enoughcredit to continue to receive the MBS. If the MBS content server 502-1determines the subscriber station 508 has enough credit to continue toreceive the MBS, the MBS content server 502-1 updates the MAK, and sendsthe updated MAK to the subscriber station 508 and the base station504-1. As a result, the subscriber station 508 and the base station504-1 further update the MTK based on the updated MAK, and thesubscriber station 508 continues to receive the MBS.

FIG. 9 illustrates an MTK updating process 900, according to anexemplary embodiment. Referring to FIG. 9, an MBS content server 902, abase station 904, and subscriber stations 906 are shown to illustratethe MTK updating process 900. For example, the MBS content server 902may be the MBS content server 502-1, 502-2, or 502-3 (FIG. 5), the basestation 904 may be the base station 504-1 or 504-2 (FIG. 5), and any oneof the subscriber stations 906 may be the subscriber station 508 (FIG.5).

In exemplary embodiments, the base station 904 and the subscriberstations 906 perform authorization with the MBS content server 902 toobtain a MAK (908). The base station 904 and the subscriber stations 906further generate an MTK, e.g., MTK1, based on the MAK. Accordingly, thebase station 904 uses MTK1 to encrypt MBS content data, and thesubscriber stations 906 uses MTK1 to decrypt the encrypted MBS contentdata received from the base station 904 (910).

After a time period of service, an event may occur that causes the basestation 904 to determine to update the MTK, as described above.Accordingly, the base station 904 multicasts key material including anSCN SCN2 or an MGTEK MGTEK2 to the subscriber stations 906, and notifiesthe subscriber stations 906 to update the MTK at a first time t1 or whena first event occurs (912). Before the time t1 or the first event occursfor updating the MTK, the base station 904 still uses MTK1 to encryptMBS content data, and the subscriber stations 906 still use MTK1 todecrypt the encrypted MBS data received from the base station 904 (914).

At time t1 or when the first event occurs, the base station 904 and thesubscriber stations 906 update the MTK to generate an updated MTK, e.g.,MTK2, based on SCN2 or MGTEK2 (916). Accordingly, the base station 904uses MTK2 to encrypt MBS content data, and the subscriber stations 906uses MTK2 to decrypt the encrypted MBS content data received from thebase station 904 (918).

Similarly, after another time period of service, another event may occurthat causes the base station 904 to determine to update the MTK, asdescribed above. Accordingly, the base station 904 multicasts keymaterial including an updated SCN SCN3 or an updated MGTEK MGTEK3 to thesubscriber stations 906, and notifies the subscriber stations 906 toupdate the MTK at a second time t2 or when a second event occurs (920).Before the time t2 or the second event occurs for updating the MTK, thebase station 904 still uses MTK2 to encrypt MBS content data, and thesubscriber stations 906 still use MTK2 to decrypt the encrypted MBS datareceived from the base station 904 (922).

At time t2 or when the second event occurs, the base station 904 and thesubscriber stations 906 update the MTK to generate an updated MTK, e.g.,MTK3, based on SCN3 or MGTEK3 (924). Accordingly, the base station 904uses MTK3 to encrypt MBS content data, and the subscriber stations 906uses MTK3 to decrypt the encrypted MBS content data received from thebase station 904 (926). As the above described process is repeated, thebase station 904 and the subscriber stations 906 further update the MTK.

FIG. 10 illustrates an MAK updating process 1000, according to anexemplary embodiment. As described above, after updating an SCN for,e.g., thirty times, a base station may request a subscriber station toperform reauthorization with an MBS content server, to ensure that thesubscriber station has enough credit to continue to receive the MBS. Ifthe MBS content server determines that the subscriber station has enoughcredit to continue to receive the MBS, the base station and the mobilestation may perform MAK updating.

Referring to FIG. 10, an MBS content server 1002, a base station 1004,and subscriber stations 1006 are shown to illustrate the MAK updatingprocess 1000. For example, the MBS content server 1002 may be the MBScontent server 502-1, 502-2, or 502-3 (FIG. 5), the base station 1004may be the base station 504-1 or 504-2 (FIG. 5), and any one of thesubscriber stations 1006 may be the subscriber station 508 (FIG. 5).

In exemplary embodiments, the base station 1004 and the subscriberstations 1006 perform authorization with the MBS content server 1002 toobtain a MAK, e.g., MAK a (1008). The base station 1004 and thesubscriber stations 1006 further generate an MTK, e.g., MTK a1, based onMAK a, an MGTEK, and/or an SCN. The base station 1004 then encrypts MBScontent data with MTK a1, and the subscriber stations 1006 decrypt withMTK a1 the encrypted MBS content data received from the base station1004 (1010). Each time an event occurs that causes the base station 1004to determine to update the MTK, as described above, the base station1004 and the subscriber stations 1006 update their MTK to, e.g., MTK a2,. . . , MTK aN, based on MAK a (1012).

In exemplary embodiments, when the SCN is updated a predetermined numberof times, e.g., thirty times, the base station 1004 may request thesubscriber stations 1006 to perform reauthorization with the MBS contentserver 1002 (1014). If the MBS content server 1002 determines that thesubscriber stations 1006 each have enough credit to continue to receivethe MBS, the subscriber stations 1006 may each obtain an updated MAK,e.g., MAK b. The base station 1004 and the subscriber stations 1006further update the MTK to generate an updated MTK, e.g., MTK b1, basedon MAK b.

The base station 1004 then encrypts MBS content data with MTK b1, andthe subscriber stations 1006 decrypt the encrypted MBS content datareceived from the base station 1004 with MTK b1 (1016). Each time anevent occurs that causes the base station 1004 to determine to updatethe MTK, as described above, the base station 1004 and the subscriberstations 1006 update their MTK to, e.g., MTK b2, . . . , MTK bN, basedon MAK b (1018). As the above process is repeated, the base station 1004and the subscriber station 1006 may update their MAK.

FIG. 11 illustrates an MBS data transmission process 11 00 based on theabove-described key generating and updating methods, according to anexemplary embodiment. The process 1100 may prevent a tricky user fromdecrypting encrypted MBS content data. Referring to FIG. 11, an MBScontent server 1102, a base station 1104, a subscriber station 1106, anda tricky user 1108 are shown to illustrate the data transmission process1100.

In one exemplary embodiment, before the tricky user 1108 joins the MBSs,the base station 1104 transmits MBS content data to a plurality ofsubscriber stations including the subscriber station 1106 (1110). TheMBS content data is encrypted with MTKs, such as first, second, andthird MTKs MTK1, MTK2, and MTK3, respectively, which are generated basedon first, second, and third SCNs SCN1, SCN2, and SCN3, respectively. Thetricky user 1108 stores the encrypted MBS content data, wishing todecrypt the stored MBS content data after the tricky user 1108 joins theMBSs.

Later, the tricky user 1108 joins the MBSs and obtains a MAK duringperforming authorization with the MBS content server 1102 (1112). Thetricky user 1108 then generates an MTK, e.g., MTK4, based on the MAK anda fourth SCN, e.g., SCN4 (1114) received from the base station 1104.Because the previously stored MBS content data is encrypted with MTK1,MTK2, or MTK3, the tricky user 1108 can not use MTK4 to decrypt thepreviously stored MBS content data.

FIG. 12 illustrates an MBS data transmission process 1200 based on theabove-described key generating and updating methods, according to anexemplary embodiment. The process 1200 may prevent a tricky user fromcontinuing to receive MBSs after the tricky user leaves the MBSs.Referring to FIG. 12, an MBS content server 1202, a base station 1204, asubscriber station 1206, and a tricky user 1208 are shown to illustratethe data transmission process 1200.

In one exemplary embodiment, before the tricky user 1208 leaves theMBSs, the base station 1204, the subscriber station 1206, and the trickyuser 1208 may generate an MTK, e.g., MTK1, based on a MAK, e.g., MAK1.The base station 1204 encrypts MBS content data with MTK1. Thesubscriber station 1206 and the tricky user 1208 decrypt with MTK1 theencrypted MBS data received from the base station 1204 (1210).

After the tricky user 1208 leaves the MBSs or runs out of credit (1212),the subscriber station 1206 performs reauthorization with the contentserver 1202, to obtain an updated MAK, e.g., MAK2 (1214). The basestation 1204 uses MAK2 to generate updated MTKs such as MTK2, MTK3, andMTK4, and encrypts MBS content data with MTK2, MTK3, or MTK4 (1214). Thesubscriber station 1206 also uses MAK2 to generate updated MTKs MTK2,MTK3, and MTK4, and decrypt with MTK2, MTK3, or MTK4 the encrypted MBScontent data received from the base station 1204. However, because thetricky user 1208 does not have MAK2, the tricky user 1208 can notgenerate MTK2, MTK3, or MTK4. As a result, the tricky user 1208 can notdecrypt the encrypted MBS data received from the base station 1204 afterthe tricky user 1208 leaves the MBSs or runs out of credit.

FIG. 13 illustrates an MBS data transmission process 1300 based on theabove-described key generating and updating methods, according to anexemplary embodiment. The process 1300 may prevent a tricky user fromcontinuing to receive MBSs after the tricky user leaves the MBSs.Referring to FIG. 13, an MBS content server 1302, a base station 1304, asubscriber station 1306, and a tricky user 1308 are shown to illustratethe data transmission process 1300.

In one exemplary embodiment, before the tricky user 1308 leaves theMBSs, the base station 1304, the subscriber station 1306, and the trickyuser 1308 may generate an MTK, e.g., MTK1, based on a MAK, e.g., MAK1.The base station 1304 encrypts MBS content data with MTK1. Thesubscriber station 1306 and the tricky user 1308 decrypt with MTK1 theencrypted MBS data received from the base station 1304 (1310).

After the tricky user 1308 leaves the MBSs or runs out of credit (1312),the base station 1304 generates updated MTKs, such as MTK2, MTK3, andMTK4, based on MAK1 and updated SCNs or MGTEKs, and encrypt MBS contentdata with MTK2, MTK3, or MTK4 (1314). The base station 1304 alsotransmits the updated SCNs or MGTEKs to the subscriber station 1306.Accordingly, the subscriber station 1306 also generates MTK2, MTK3, andMTK4, and decrypts with MTK2, MTK3, and MTK4 the encrypted MBS datareceived from the base station 1304 (1314). However, because the trickyuser 1308 does not have the updated SCNs or MGTEKs, the tricky user 1308can not generate MTK2, MTK3, or MTK4. As a result, the tricky user 1308can not decrypt the encrypted MBS content data received from the basestation 1304 after the tricky user 1308 leaves the MBSs or runs out ofcredit.

FIG. 14 illustrates a flow chart of an operation process 1400 for a basestation to provide MBSs based on the above described key generating andupdating methods, according to an exemplary embodiment. For example, thebase station may be the base station 504-1 or 504-2 (FIG. 5).

Referring to FIG. 14, the base station obtains a master key such as aMAK from an MBS content server, e.g., during network entry or reentry(1402). The base station also generates a number, e.g., a random number,as an MGTEK, and sets an SCN with an initial value. The base stationfurther sends the SCN or the MGTEK to subscriber stations based on,e.g., a multicast scheme (1404). The base station then generates an MTKbased on the MAK, the MGTEK, and/or the SCN (1406). The base stationfurther encrypts MBS content data with the MTK (1408).

Next, the base station determines if an MTK updating event occurs(1410), as described above. If the base station determines that an MTKupdating event does not occur (1410—No), the base station furtherdetermines if there is a need to update the MAK (1412). If the basestation determines that there is no need to update the MAK (1412—No),the base station continues to encrypt MBS content data with the presentMTK (1408). If the base station determines that there is a need toupdate the MAK (1412—Yes), the base station requests the MBS contentserver to update the MAK (1414), and the process returns to 1402.

If the base station determines that an MTK updating event occurs(1410—Yes), the base station further determines if it is time to updatethe MTK (1416). If the base station determines that it is not time toupdate the MTK (1416—No), the base station determines a target time toupdate the MTK, and time and frequency resources for transmitting keymaterial including the SCN or the MGTEK (1418). The base station furthertransmits a key indicator indicating the time and frequency resourcesand the key material (1420). Step 1412 is then performed. If the basestation determines that it is the time to update the MTK (1416—Yes), thebase station updates the MTK (1422). The base station further updatesthe SCN (1424), e.g., resets or increases the SCN, and step 1408 isrepeated.

FIG. 15 illustrates a flow chart of an operation process 1500 for asubscriber station to receive MBSs based on the above described keygenerating and updating methods, according to an exemplary embodiment.For example, the subscriber station may be the subscriber station 508(FIG. 5).

Referring to FIG. 15, the subscriber station obtains a master key suchas a MAK from an MBS content server, e.g., during network entry orreentry (1502). The subscriber station also receives an MGTEK and anSCN, or only the MGTEK, from a base station (1504), depending on whetherthe base station uses the method 600 (FIG. 6) or the method 700 (FIG. 7)to generate the MTK. The subscriber station then generates an MTK basedon the MAK, the MGTEK, and the SCN, or based on only the MAK and theMGTEK (1506). The subscriber station further decrypts with the MTKencrypted MBS content data received from the base station (1508).

Next, the subscriber station determines if it is time or an event occursto update the MTK (1510). For example, the subscriber station may benotified of the time to update the MTK by the base station. If thesubscriber station determines that it is not the time to update the MTK(1510—No), the subscriber station further determines if it is requestedto update the MAK (1512). If the subscriber station determines that itis requested to update the MAK (1512—Yes), the subscriber stationperforms reauthorization with an MBS content server to update the MAK(1514), and the process returns to 1502. If the subscriber stationdetermines that it is not requested to update the MAK (1512—No), thesubscriber station further determines if it has received a key indicator(1516). If the subscriber station determines that it has received thekey indicator (1516—Yes), the subscriber station further receives keymaterial including an MGTEK and possibly an SCN on time and frequencyresources indicated by the key indicator (1518). The subscriber stationcontinues to decrypt with the present MTK encrypted MBS data receivedfrom the base station (1508), before it is the time or the event occursto update the MTK. If the subscriber station determines that it is thetime or the event occurs to update the MTK (1510—Yes), the subscriberstation updates the MTK based on the received key material (1520). Step1508 is then repeated.

FIG. 16 illustrates a flow chart of an operation process 1600 for an MBScontent server to provide MBSs, according to an exemplary embodiment.For example, the MBS content server may be the MBS content server 502-1,502-2, or 502-3 (FIG. 5).

Referring to FIG. 16, the MBS content server receives a request forupdating a MAK (1602). Accordingly, the MBS content server checksservice credit information for subscriber stations (1604), anddetermines whether or not to update the MAK (1606). For example, ifthere is no new subscriber station joining the MBSs or there is noexisting subscriber station leaving the MBSs, and each subscriberstation has enough credit, the MBS content server may determine not toupdate the MAK. If the MBS content server determines not to update theMAK (1606—No), the MBS content server refuses or passes the request(1608). If the content server determines to update the MAK (1606—Yes),the MBS content server updates the MAK (1610).

In exemplary embodiments, the above described key generating andupdating methods may be used in a single frequency network (SFN). An SFNis a broadcast network in which a plurality of base stations ortransmitters simultaneously send substantially the same signal. The basestations or transmitters are typically synchronized based on asynchronization protocol or technique, such as signaling messageexchange, or synchronization according to global positioning system(GPS) signals. In addition, the base stations or transmitters may becoordinated by a particular station. For example, a central gateway maycoordinate all the base stations or transmitters in the SFN. After thebase stations or transmitters are synchronized, the base stations ortransmitters can simultaneously send substantially the same signal.Referring back to FIG. 5, in exemplary embodiments, the network 506 maybe an SFN. Accordingly, the base stations 504-1 and 504-2 maysynchronously update an MTK. As a result, for example, when thesubscriber station 508 moves from an area covered by the base station504-1 to an area covered by the base station 504-2, there is no need toperform MTK updating due to the movement.

FIG. 17 illustrates a block diagram of a base station 1700, according toan exemplary embodiment. For example, the base station 1700 may be anybase station noted above in explanation of the embodiments in FIGS.5-16. Referring to FIG. 17, the base station 1700 may include one ormore of the following components: at least one central processing unit(CPU) 1702 configured to execute computer program instructions toperform various processes and methods, random access memory (RAM) 1704and read only memory (ROM) 1706 configured to access and storeinformation and computer program instructions, storage 1708 to storedata and information, databases 1710 to store tables, lists, or otherdata structures, I/O devices 1712, interfaces 1714, antennas 1716, etc.Each of these components is well-known in the art and will not bediscussed further.

FIG. 18 illustrates a block diagram of a subscriber station 1800,according to an exemplary embodiment. For example, the subscriberstation 1800 may be any subscriber station noted above in explanation ofthe embodiments in FIGS. 5-16. Referring to FIG. 18, the subscriberstation 1800 may include one or more of the following components: atleast one central processing unit (CPU) 1802 configured to executecomputer program instructions to perform various processes and methods,random access memory (RAM) 1804 and read only memory (ROM) 1806configured to access and store information and computer programinstructions, storage 1808 to store data and information, databases 1810to store tables, lists, or other data structures, I/O devices 1812,interfaces 1814, antennas 1816, etc. Each of these components iswell-known in the art and will not be discussed further.

Other embodiments of the invention will be apparent to those skilled inthe art from consideration of the specification and practice of thedisclosure disclosed herein. This application is intended to cover anyvariations, uses, or adaptations of the invention following the generalprinciples thereof and including such departures from the presentdisclosure as come within known or customary practice in the art. It isintended that the specification and examples be considered as exemplaryonly, with a true scope and spirit of the invention being indicated bythe following claims.

It will be appreciated that the present invention is not limited to theexact construction that has been described above and illustrated in theaccompanying drawings, and that various modifications and changes can bemade without departing from the scope thereof. It is intended that thescope of the invention only be limited by the appended claims.

1. A method for a base station to provide multicast broadcast services(MBSs), comprising: obtaining an MBS authorization key (MAK); generatinga number as an MBS group traffic encryption key (MGTEK); using a servicecredit number (SCN) to count an amount of service time or MBS contentdata; generating an MBS traffic key (MTK) based on at least the MAK andthe MGTEK; encrypting MBS content data with the MTK; and transmittingthe encrypted MBS content data to provide the MBSs.
 2. The method ofclaim 1, wherein the obtaining further comprises obtaining the MAK froman MBS content server.
 3. The method of claim 2, further comprising:requesting, based on the SCN, the MBS content server or at least onesubscriber station to update the MAK.
 4. The method of claim 1, whereinthe generating of the MTK further comprises: generating the MTK based onthe MAK, the MGTEK, and the SCN.
 5. The method of claim 4, furthercomprising: updating the SCN; and updating the MTK based on the updatedSCN.
 6. The method of claim 1, further comprising: updating the SCN;updating the MGTEK when the SCN is updated; and updating the MTK basedon the updated MGTEK.
 7. The method of claim 1, further comprising:transmitting a key indicator, the key indicator indicating an event ortime and frequency resources for transmitting the MGTEK; andtransmitting the MGTEK according to the indicated event or time andfrequency resources.
 8. The method of claim 1, further comprising:transmitting a key indicator, the key indicator indicating an event ortime and frequency resources for transmitting the SCN; and transmittingthe SCN according to the indicated event or time and frequencyresources.
 9. The method of claim 8, wherein the base station providesthe MBSs to a subscriber station, the method further comprising:notifying the subscriber station of a time or an event to update theMTK.
 10. A base station to provide multicast broadcast services (MBSs),comprising: a processor, the processor being configured to: obtain anMBS authorization key (MAK); generate a number as an MBS group trafficencryption key (MGTEK); use a service credit number (SCN) to count anamount of service time or MBS content data; generate an MBS traffic key(MTK) based on at least the MAK and the MGTEK; and encrypt MBS contentdata with the MTK.
 11. The base station of claim 10, being furtherconfigured to transmit the encrypted MBS content data in a broadcastnetwork in which a plurality of base stations simultaneously sendsubstantially a same signal.
 12. The base station of claim 10, whereinthe processor is further configured to: update the SCN; and update theMTK based on the updated SCN.
 13. The base station of claim 10, whereinthe processor is further configured to: update the SCN; update the MGTEKwhen the SCN is updated; and update the MTK based on the updated MGTEK.14. A method for a subscriber station to receive multicast broadcastservices (MBSs) from a base station, comprising: obtaining an MBSauthorization key (MAK); receiving, from the base station, an MBS grouptraffic encryption key (MGTEK) and encrypted MBS content data;generating an MBS traffic key (MTK) based on the MAK and the MGTEK; anddecrypting the encrypted MBS content data with the MTK to receive theMBSs; wherein the MGTEK is a number generated by the base station; andthe MGTEK is updated according to a service credit number (SCN), the SCNbeing used by the base station to count an amount of service time or MBScontent data.
 15. The method of claim 14, wherein the obtaining furthercomprises obtaining the MAK from an MBS content server.
 16. The methodof claim 14, further comprising: receiving a key indicator from the basestation, the key indicator indicating an event or time and frequencyresources for receiving the MGTEK; and receiving the MGTEK according tothe indicated event or time and frequency resources.
 17. The method ofclaim 14, further comprising: receiving a key indicator, the keyindicator indicating an event or time and frequency resources forreceiving the SCN; and receiving the SCN according to the indicatedevent or time and frequency resources.
 18. The method of claim 14,further comprising: receiving a notification of a time or an event toupdate the MTK; and updating the MTK at the time or when the eventoccurs.
 19. A subscriber station to receive multicast broadcast services(MBSs) from a base station, comprising: a processor, the processor beingconfigured to: obtain an MBS authorization key (MAK); receive, from thebase station, an MBS group traffic encryption key (MGTEK) and encryptedMBS content data; generate an MBS traffic key (MTK) based on the MAK andthe MGTEK; and decrypt the encrypted MBS content data with the MTK;wherein the MGTEK is a number generated by the base station; and theMGTEK is updated according to a service credit number (SCN), the SCNbeing used by the base station to count an amount of service time or MBScontent data.
 20. The subscriber station of claim 19, being furtherconfigured to receive the encrypted MBS content data in a broadcastnetwork in which a plurality of base stations simultaneously sendsubstantially a same signal.